JankariTechUG/GitTrustedTimestamps
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

Changed digest that is being timestamped

Browse Source 
Changed digest that is being stamped from $parent_commit_hash, to
shaX(parent:$parent_commit_hash,tree:$tree_hash)
where shaX is the hash function used by the repository.
This change is so that the timestamp added also timestamps the
LTV data that is being added with the timestamp commit.

This LTV data now also contains CRLs for the LAST timestamp commit.
This ensures that timestamp lifetime of old timestamps gets
arbitrarily extended into the future with every new timestamp
added to the repository.

Further changes:
-Updated documentation
-updated schematics and changed from SVG to PNG
-added assertions, pre- and post-conditions
-added version number to timestamp commits as trailer
-added hashing algorithm used as trailer
-added digest being timestamped as trailer
-added the string that is hashed to get the digest as traile
-improved log messages of validate.sh
This commit is contained in:
Matthias Bühlmann
2021-02-21 18:19:05 +01:00
parent 3556989de0
commit 80034aeb78
8 changed files with 553 additions and 602 deletions
Download Patch File Download Diff File Expand all files Collapse all files

298
hooks/validate.sh
View File

@@ -50,182 +50,179 @@ if [[ ! -d "$DIR" ]]; then DIR="$PWD"; fi
validate_commit() {
local COMMIT_HASH="$1"
log "validate_commit for $COMMIT_HASH"
local COMMIT_CONTENT=$(git cat-file -p "$COMMIT_HASH")
if [ -z "$COMMIT_CONTENT" ]; then
echo_error "Invalid commit hash $COMMIT_HASH"
local TIMESTAMP_COMMIT_VERSION
local URL_ARRAY
local TOKEN_ARRAY
if ! extract_token_from_commit "$COMMIT_HASH" "$TMP_DIR" TIMESTAMP_COMMIT_VERSION URL_ARRAY TOKEN_ARRAY; then
return 1
fi
#remove files from possible previous runs
rm -f "$TMP_DIR"/*.extracted_token.pem
rm -f "$TMP_DIR"/*.extracted_token.url
#extract timestamp tokens
local URL_START=${#TRAILER_TOKEN}
URL_START=$(( $URL_START + 2))
local NUM_EXTRACTED=$(echo -n "$COMMIT_CONTENT" | awk '$0~trailertoken{ i++; print substr($0,"$URL_START") > tmpdir i ".extracted_token.url" } /-----END/{show=0} show{print substr($0,2) > tmpdir i ".extracted_token.pem"} /-----BEGIN/{show=1} END {print i}' tmpdir="$TMP_DIR/" trailertoken="$TRAILER_TOKEN")
if [ -z "$NUM_EXTRACTED" ]; then
NUM_EXTRACTED=0
local NUM_EXTRACTED="${#TOKEN_ARRAY[@]}"
if [ $NUM_EXTRACTED -eq 0 ];then
#this is not a timestamp commit
return 0
fi
#iterate over extracted base64 encodings, convert to DER, if it is a timestamp token, evaluate it.
local PARENT_HASH=$(git cat-file -p "$COMMIT_HASH" | awk '/^$/{exit} /parent/ {print}' | sed 's/parent //')
local TREE_HASH=$(git cat-file -p "$COMMIT_HASH" | awk '/^$/{exit} /tree/ {print}' | sed 's/tree //')
local EXPECTED_DIGEST
if [ $TIMESTAMP_COMMIT_VERSION -eq 0 ]; then
# version 0 timestamped directly the parent hash
EXPECTED_DIGEST="$PARENT_HASH"
else
# later versions add LTV data for last timestamp in the timestamp commit, so the tree is part of the digest
compute_digest_from_tree_and_parent "$TREE_HASH" "$PARENT_HASH" EXPECTED_DIGEST
fi
#iterate over extracted token
local ERROR_INFO_FILE="$TMP_DIR"/error_info.txt
local ERROR_INFO=""
local TMP_DER="$TMP_DIR"/extracted_token.der
local TMP_TOKEN="$TMP_DIR"/extracted_token.tst
local NUM_VALID=0
local NUM_INVALID=0
local NUM_SKIPPED=0
local PARENT_HASH=$(git cat-file -p "$COMMIT_HASH" | awk '/^$/{exit} /parent/ {print}' | sed 's/parent //')
while ls "$TMP_DIR"/*.extracted_token.pem &> "$OUT_STREAM" && read EXTRACTED_TOKEN_PEM; do
openssl base64 -d -in "$EXTRACTED_TOKEN_PEM" -out "$TMP_DER"
#since a commit might contain some unrelated trailer with the name "Timestamp:" that also contains PEM header and footer, non-timestamp-tokens should be skipped
if ! openssl ts -reply -token_in -token_out -in "$TMP_DER" -out "$TMP_TOKEN" &> "$OUT_STREAM"; then
echo_warning "A PEM encoded trailer labeled $TRAILER_TOKEN has been found in commit $COMMIT_HASH which does not seem to be a timestamp token. Skipping."
((NUM_SKIPPED++))
local EARLIEST_VALID_UNIX_TIME=-1
for (( i=0; i<"$NUM_EXTRACTED"; i++)); do
local TMP_TOKEN="${TOKEN_ARRAY[$i]}"
local DIGEST
get_token_digest "$TMP_TOKEN" DIGEST
if [ "${DIGEST,,}" != "${EXPECTED_DIGEST,,}" ]; then
echo_warning "Token from $TSA_URL in commit $COMMIT_HASH is invalid because the contained digest $DIGEST does not match the timestamped hash $EXPECTED_DIGEST"
((NUM_INVALID++))
continue
else
#this is a token, validate it!
local DIGEST=''
get_token_digest "$TMP_TOKEN" DIGEST
if [ "${DIGEST,,}" != "${PARENT_HASH,,}" ]; then
echo_warning "Token from $TSA_URL in commit $COMMIT_HASH is invalid because the contained digest $DIGEST does not match the timestamped hash $PARENT_HASH"
fi
local SIGNING_CERT_ID=''
get_tsa_cert_id "$TMP_TOKEN" SIGNING_CERT_ID
local TOKEN_UNIXTIME=''
get_token_unix_time "$TMP_TOKEN" TOKEN_UNIXTIME
local TSA_URL="${URL_ARRAY[$i]}"
local CERT_CHAIN_FILE="$LTV_DIR"/certs/"$SIGNING_CERT_ID".cer
if [ ! -f "$CERT_CHAIN_FILE" ]; then
#If LTV data is not in the working directory, try to check it out from the corresponding commit
local TMP_CERT_CHAIN_FILE="$TMP_DIR"/"$SIGNING_CERT_ID".cer
local PATH_SPEC=$(realpath --relative-to="$ROOT_DIR" "$CERT_CHAIN_FILE")
local CERT_CHAIN_CONTENT=$(git show "$COMMIT_HASH":"$PATH_SPEC") && printf "%s" "$CERT_CHAIN_CONTENT" > "$TMP_CERT_CHAIN_FILE"
CERT_CHAIN_FILE="$TMP_CERT_CHAIN_FILE"
fi
if [ ! -f "$CERT_CHAIN_FILE" ]; then
#if ltv data has not been stored for this commit, try to contact TSA to recreate it
if ! build_certificate_chain_for_token "$TMP_TOKEN" "$DIGEST" "$TSA_URL" "$CERT_CHAIN_FILE"; then
echo_warning "Token from $TSA_URL in commit $COMMIT_HASH could not be validated since neither LTV data of certificate chain could be found nor could the certificate chain be recreated from the TSA url."
((NUM_INVALID++))
continue
fi
local SIGNING_CERT_ID=''
get_tsa_cert_id "$TMP_TOKEN" SIGNING_CERT_ID
local TOKEN_UNIXTIME=''
get_token_unix_time "$TMP_TOKEN" TOKEN_UNIXTIME
local TSA_URL_FILE="${EXTRACTED_TOKEN_PEM/.pem/.url}"
local TSA_URL=$(cat "$TSA_URL_FILE")
local CERT_CHAIN_FILE="$LTV_DIR"/certs/"$SIGNING_CERT_ID".cer
if [ ! -f "$CERT_CHAIN_FILE" ]; then
#If LTV data is not in the working directory, try to check it out from the corresponding commit
local TMP_CERT_CHAIN_FILE="$TMP_DIR"/"$SIGNING_CERT_ID".cer
local PATH_SPEC=$(realpath --relative-to="$ROOT_DIR" "$CERT_CHAIN_FILE")
local CERT_CHAIN_CONTENT=$(git show "$COMMIT_HASH":"$PATH_SPEC") && echo -n "$CERT_CHAIN_CONTENT" > "$TMP_CERT_CHAIN_FILE"
CERT_CHAIN_FILE="$TMP_CERT_CHAIN_FILE"
fi
if [ ! -f "$CERT_CHAIN_FILE" ]; then
#if ltv data has not been stored for this commit, try to contact TSA to recreate it
if ! build_certificate_chain_for_token "$TMP_TOKEN" "$DIGEST" "$TSA_URL" "$CERT_CHAIN_FILE"; then
echo_warning "Token from $TSA_URL in commit $COMMIT_HASH could not be validated since neither LTV data of certificate chain could be found nor could the certificate chain be recreated from the TSA url."
((NUM_INVALID++))
continue
fi
fi
#$CERT_CHAIN_FILE at this point contains certificate chain of token's signing certificate.
#first validate the token itself at the time of timestamping
if ! openssl ts -verify -digest "$DIGEST" -in "$TMP_TOKEN" -token_in -attime "$TOKEN_UNIXTIME" \
-CApath "$CA_PATH" -untrusted "$CERT_CHAIN_FILE" 1> "$OUT_STREAM" 2> "$ERROR_INFO_FILE"; then
ERROR_INFO=$(cat "$ERROR_INFO_FILE")
echo_warning "Token from $TSA_URL in commit $COMMIT_HASH could not be validated since it is invalid or its rootCA isn't trusted: $ERROR_INFO"
((NUM_INVALID++))
continue
fi
fi
#$CERT_CHAIN_FILE at this point contains certificate chain of token's signing certificate.
#first validate the token itself at the time of timestamping
if ! openssl ts -verify -digest "$DIGEST" -in "$TMP_TOKEN" -token_in -attime "$TOKEN_UNIXTIME" \
-CApath "$CA_PATH" -untrusted "$CERT_CHAIN_FILE" 1> "$OUT_STREAM" 2> "$ERROR_INFO_FILE"; then
ERROR_INFO=$(cat "$ERROR_INFO_FILE")
echo_warning "Token from $TSA_URL in commit $COMMIT_HASH could not be validated since it is invalid or its rootCA isn't trusted: $ERROR_INFO"
((NUM_INVALID++))
continue
fi
#now validate the issuing certificate at the time of timestamping, using historical CRLs
local CRL_CHAIN_FILE="$LTV_DIR"/crls/"$SIGNING_CERT_ID".crl
local HISTORIC_CRL_CHAIN_FILE="$TMP_DIR"/"$SIGNING_CERT_ID".crl
local PATH_SPEC=$(realpath --relative-to="$ROOT_DIR" "$CRL_CHAIN_FILE")
local CRL_CHAIN_CONTENT=$(git show "$COMMIT_HASH":"$PATH_SPEC") && echo "$CRL_CHAIN_CONTENT" > "$HISTORIC_CRL_CHAIN_FILE"
if [ ! -f "$HISTORIC_CRL_CHAIN_FILE" ]; then
echo_warning "Token from $TSA_URL in commit $COMMIT_HASH could not be validated since no CRL data valid at the time of timestamping could be found."
#now validate the issuing certificate at the time of timestamping, using historical CRLs
local CRL_CHAIN_FILE="$LTV_DIR"/crls/"$SIGNING_CERT_ID".crl
local HISTORIC_CRL_CHAIN_FILE="$TMP_DIR"/"$SIGNING_CERT_ID".crl
local PATH_SPEC=$(realpath --relative-to="$ROOT_DIR" "$CRL_CHAIN_FILE")
local CRL_CHAIN_CONTENT=$(git show "$COMMIT_HASH":"$PATH_SPEC") && printf "%s" "$CRL_CHAIN_CONTENT" > "$HISTORIC_CRL_CHAIN_FILE"
if [ ! -f "$HISTORIC_CRL_CHAIN_FILE" ]; then
echo_warning "Token from $TSA_URL in commit $COMMIT_HASH could not be validated since no CRL data valid at the time of timestamping could be found."
((NUM_INVALID++))
continue
fi
#historic CRL data available, check if the signing certificate was valid at the time of timestamping
if ! openssl verify -attime "$TOKEN_UNIXTIME" -CApath "$CA_PATH" -CRLfile "$HISTORIC_CRL_CHAIN_FILE" \
-crl_check_all -untrusted "$CERT_CHAIN_FILE" "$CERT_CHAIN_FILE" 1> "$OUT_STREAM" 2> "$ERROR_INFO_FILE"; then
cat "$HISTORIC_CRL_CHAIN_FILE"
ERROR_INFO=$(cat "$ERROR_INFO_FILE")
echo_warning "Token from $TSA_URL in commit $COMMIT_HASH is invalid since TSA certificate has not been valid at the time the timestamp was created: $ERROR_INFO"
((NUM_INVALID++))
continue
fi
#now check that for each certificate in the trust chain a currently valid CRL can be found AND that
#each of the certificates either hasn't been revoked OR it has been revoked and the revocation entry contains the reasonCode
#extension and the reason code is one of unspecified (0), affiliationChanged (3), superseded (4) or cessationOfOperation (5) (see chapter 4 of https://www.ietf.org/rfc/rfc3161.txt)
local MOST_CURRENT_CRL_CHAIN_FILE="$TMP_DIR"/"$SIGNING_CERT_ID".crl
if ! download_crls_for_chain "$CERT_CHAIN_FILE" "$MOST_CURRENT_CRL_CHAIN_FILE"; then
echo_warning "Current CRLs for token could not be downloaded. Will try to use most recent CRL in LTV store".
if ! git show HEAD:"$CRL_CHAIN_FILE" > "$MOST_CURRENT_CRL_CHAIN_FILE"; then
echo_warning "Token from $TSA_URL in commit $COMMIT_HASH could not be validated since no currently valid CRL data could be found."
((NUM_INVALID++))
continue
fi
#historic CRL data available, check if the signing certificate was valid at the time of timestamping
if ! openssl verify -attime "$TOKEN_UNIXTIME" -CApath "$CA_PATH" -CRLfile "$HISTORIC_CRL_CHAIN_FILE" \
-crl_check_all -untrusted "$CERT_CHAIN_FILE" "$CERT_CHAIN_FILE" 1> "$OUT_STREAM" 2> "$ERROR_INFO_FILE"; then
cat "$HISTORIC_CRL_CHAIN_FILE"
ERROR_INFO=$(cat "$ERROR_INFO_FILE")
echo_warning "Token from $TSA_URL in commit $COMMIT_HASH is invalid since TSA certificate has not been valid at the time the timestamp was created: $ERROR_INFO"
((NUM_INVALID++))
continue
fi
#now check that for each certificate in the trust chain a currently valid CRL can be found AND that
#each of the certificates either hasn't been revoked OR it has been revoked and the revocation entry contains the reasonCode
#extension and the reason code is one of unspecified (0), affiliationChanged (3), superseded (4) or cessationOfOperation (5) (see chapter 4 of https://www.ietf.org/rfc/rfc3161.txt)
local MOST_CURRENT_CRL_CHAIN_FILE="$TMP_DIR"/"$SIGNING_CERT_ID".crl
if ! download_crls_for_chain "$CERT_CHAIN_FILE" "$MOST_CURRENT_CRL_CHAIN_FILE"; then
echo_warning "Current CRLs for token could not be downloaded. Will try to use most recent CRL in LTV store".
if ! git show HEAD:"$CRL_CHAIN_FILE" > "$MOST_CURRENT_CRL_CHAIN_FILE"; then
echo_warning "Token from $TSA_URL in commit $COMMIT_HASH could not be validated since no currently valid CRL data could be found."
((NUM_INVALID++))
continue
fi
fi
#expand cert chain and crl chain into individual files
#remove files from previous runs
rm -f "$TMP_DIR"/*.extracted_cert.pem
rm -f "$TMP_DIR"/*.extracted_crl.pem
cat "$CERT_CHAIN_FILE" \
fi
#expand cert chain and crl chain into individual files
#remove files from previous runs
rm -f "$TMP_DIR"/*.extracted_cert.pem
rm -f "$TMP_DIR"/*.extracted_crl.pem
cat "$CERT_CHAIN_FILE" \
| awk '/-----BEGIN CERTIFICATE-----/ { i++; } /-----BEGIN CERTIFICATE-----/, /-----END CERTIFICATE-----/ \
{ print > tmpdir i ".extracted_cert.pem" }' tmpdir="$TMP_DIR/"
cat "$MOST_CURRENT_CRL_CHAIN_FILE" \
cat "$MOST_CURRENT_CRL_CHAIN_FILE" \
| awk '/-----BEGIN X509 CRL-----/ { i++; } /-----BEGIN X509 CRL-----/, /-----END X509 CRL-----/ \
{ print > tmpdir i ".extracted_crl.pem" }' tmpdir="$TMP_DIR/"
#iterate over extracted certificates (first is signing certificate, last is self-signed root)
while ls "$TMP_DIR"/*.extracted_cert.pem &> "$OUT_STREAM" && read EXTRACTED_CERT; do
if ! openssl verify -CApath "$CA_PATH" -CRLfile "$MOST_CURRENT_CRL_CHAIN_FILE" \
-crl_check -untrusted "$CERT_CHAIN_FILE" "$EXTRACTED_CERT" 1> "$OUT_STREAM" 2> "$ERROR_INFO_FILE"; then
ERROR_INFO=$(cat "$ERROR_INFO_FILE")
local ERROR_NUMBER=$(echo -n "$ERROR_INFO" | awk '/depth lookup/;' | sed 's/error //' | sed 's/ at.*//')
#local ERROR_DEPTH=$(cat error.txt | awk '/depth lookup/;' | sed 's/.*at //' | sed 's/ depth lookup.*//')
#error number must be
local X509_V_ERR_CERT_REVOKED=23
if [ "$ERROR_NUMBER" -ne "$X509_V_ERR_CERT_REVOKED" ]; then
echo_warning "Token from $TSA_URL in commit $COMMIT_HASH could not be validated since certificate validity could not be verified. Error: $ERROR_INFO."
#iterate over extracted certificates (first is signing certificate, last is self-signed root)
while ls "$TMP_DIR"/*.extracted_cert.pem &> "$OUT_STREAM" && read EXTRACTED_CERT; do
if ! openssl verify -CApath "$CA_PATH" -CRLfile "$MOST_CURRENT_CRL_CHAIN_FILE" \
-crl_check -untrusted "$CERT_CHAIN_FILE" "$EXTRACTED_CERT" 1> "$OUT_STREAM" 2> "$ERROR_INFO_FILE"; then
ERROR_INFO=$(cat "$ERROR_INFO_FILE")
local -i ERROR_NUMBER=$(printf "%s" "$ERROR_INFO" | awk '/depth lookup/;' | sed 's/error //' | sed 's/ at.*//')
#local ERROR_DEPTH=$(cat error.txt | awk '/depth lookup/;' | sed 's/.*at //' | sed 's/ depth lookup.*//')
#error number must be
local -i X509_V_ERR_CERT_REVOKED=23
if [ $ERROR_NUMBER -ne $X509_V_ERR_CERT_REVOKED ]; then
echo_warning "Token from $TSA_URL in commit $COMMIT_HASH could not be validated since certificate validity could not be verified. Error: $ERROR_INFO."
((NUM_INVALID++))
continue 2
else
#find revocation reason
local CERT_SERIAL=$(openssl x509 -inform PEM -in "$EXTRACTED_CERT" -noout -serial | sed 's/serial=//')
local REVOCATION_ACCEPTABLE=false
local REASON=''
while ls "$TMP_DIR"/*.extracted_crl.pem &> "$OUT_STREAM" && read EXTRACTED_CRL; do
REASON=$(openssl crl -inform PEM -in "$EXTRACTED_CRL" -noout -text | awk '/$"CERT_SERIAL"/{f=1; next} f && /Serial Number:/{f=0} f && /CRL Reason Code:/{g=1; next} g {print; exit}' | sed 's/ *//')
if [ -z "$REASON" ]; then
continue
fi
#acceptable reasons: see chapter 4 of RFC3161
if [[ "$REASON" == "Unspecified" || "$REASON" == "Affiliation Changed" || "$REASON" == "Superseded" || "$REASON" == "Cessation Of Operation" ]]; then
REVOCATION_ACCEPTABLE=true
break
fi
done <<< $(ls "$TMP_DIR"/*.extracted_crl.pem 2> "$OUT_STREAM")
if [ "$REVOCATION_ACCEPTABLE" != true ]; then
if [ -z "$REASON" ]; then
REASON="Certificate revoked without reasonCode extension."
fi
echo_warning "Token from $TSA_URL in commit $COMMIT_HASH is invalid since certificate was revoked for the following reason: $REASON"
((NUM_INVALID++))
continue 2
else
#find revocation reason
local CERT_SERIAL=$(openssl x509 -inform PEM -in "$EXTRACTED_CERT" -noout -serial | sed 's/serial=//')
local REVOCATION_ACCEPTABLE=false
local REASON=''
while ls "$TMP_DIR"/*.extracted_crl.pem &> "$OUT_STREAM" && read EXTRACTED_CRL; do
REASON=$(openssl crl -inform PEM -in "$EXTRACTED_CRL" -noout -text | awk '/$"CERT_SERIAL"/{f=1; next} f && /Serial Number:/{f=0} f && /CRL Reason Code:/{g=1; next} g {print; exit}' | sed 's/ *//')
if [ -z "$REASON" ]; then
continue
fi
#acceptable reasons: see chapter 4 of RFC3161
if [[ "$REASON" == "Unspecified" || "$REASON" == "Affiliation Changed" || "$REASON" == "Superseded" || "$REASON" == "Cessation Of Operation" ]]; then
REVOCATION_ACCEPTABLE=true
break
fi
done <<< $(ls "$TMP_DIR"/*.extracted_crl.pem 2> "$OUT_STREAM")
if [ "$REVOCATION_ACCEPTABLE" != true ]; then
if [ -z "$REASON" ]; then
REASON="Certificate revoked without reasonCode extension."
fi
echo_warning "Token from $TSA_URL in commit $COMMIT_HASH is invalid since certificate was revoked for the following reason: $REASON"
((NUM_INVALID++))
continue 2
fi
fi
fi
done <<< $(ls "$TMP_DIR"/*.extracted_cert.pem 2> "$OUT_STREAM")
#token is valid
((NUM_VALID++))
fi
done <<< $(ls "$TMP_DIR"/*.extracted_cert.pem 2> "$OUT_STREAM")
#token is valid
if [ $EARLIEST_VALID_UNIX_TIME -eq -1 ] || [ $TOKEN_UNIXTIME -lt $EARLIEST_VALID_UNIX_TIME ];then
EARLIEST_VALID_UNIX_TIME=$TOKEN_UNIXTIME
fi
done <<< $(ls "$TMP_DIR"/*.extracted_token.pem 2> "$OUT_STREAM")
local NUM_PROCESSED=$(( $NUM_VALID + $NUM_INVALID + $NUM_SKIPPED ))
((NUM_VALID++))
done #for loop
local NUM_PROCESSED=$(( $NUM_VALID + $NUM_INVALID ))
#assert that all extracted timestamps have been processed
if [ "$NUM_PROCESSED" -ne "$NUM_EXTRACTED" ]; then
echo_error "Assetion failed NUM_PROCESSED==NUM_EXTRACTED"
return 1
fi
if [ "$NUM_VALID" -eq 0 ] && [ "$NUM_INVALID" -eq 0 ]; then
#this commit does not contain timestamp tokens.
return 0
elif [ "$NUM_VALID" -gt 0 ]; then
if [ "$NUM_INVALID" -gt 0 ]; then
assert "[ $NUM_PROCESSED -eq $NUM_EXTRACTED ]" "All extracted token must be processed."
if [ $NUM_VALID -gt 0 ]; then
if [ $NUM_INVALID -gt 0 ]; then
echo_warning "Warning: While commit $COMMIT_HASH contains $NUM_VALID valid timestamp tokens and thus is considered proppely timestamped, it also contains $NUM_INVALID invalid timestamp tokens."
fi
echo_info "Commit $COMMIT_HASH contains $NUM_VALID valid timestamp tokens."
DATE_STRING=$(date -d @"$EARLIEST_VALID_UNIX_TIME")
echo_info "Commit $COMMIT_HASH, which timestamps commit $PARENT_HASH at $DATE_STRING, contains $NUM_VALID valid timestamp tokens."
echo ""
return 0
fi
echo_error "All $NUM_INVALID timestamp tokens in commit $COMMIT_HASH are invalid."
echo_error "All $NUM_EXTRACTED timestamp tokens in commit $COMMIT_HASH are invalid."
return 1
}
@@ -235,7 +232,7 @@ validate_commit() {
validate_commit_and_parents() {
local COMMIT_HASH="$1"
log "validate_commit_and_parents for $COMMIT_HASH"
local ALL_PASSED=true
if ! validate_commit "$COMMIT_HASH"; then
ALL_PASSED=false
@@ -247,7 +244,7 @@ validate_commit_and_parents() {
if ! validate_commit_and_parents "$PARENT_HASH"; then
ALL_PASSED=false
fi
done <<< $(echo -n "$PARENTS")
done <<< $(printf "%s" "$PARENTS")
fi
if [ "$ALL_PASSED"=true ]; then
return 0
@@ -271,8 +268,11 @@ if ! git fsck --full --strict --no-progress --no-dangling "$COMMIT_HASH"; then
echo_error "git fsck failed. This means the repository is in a corrupted state and cannot be validated. Restore corrupt files from a backup or remote repository."
exit 1
fi
echo_info "Repository integrity OK"
echo ""
echo_info "Validating timestamps. This may take a while..."
echo ""
if validate_commit_and_parents "$COMMIT_HASH"; then
echo_info "Validation OK: All timestamped commits in the commit history of $COMMIT_HASH contain at least one valid timestamp."
exit 0